half the computers infected with malware designed to steal personal information are in the U.S.

As CNET blogger Topher Kessler explains, simply visiting a malicious Web site containing Flashback on an OS X system with Java installed will result in one of two installation routes. The malware will request an administrator password, and if one is supplied, it will install its package of code into the Applications folder. If a password is not offered, the malware will install to the user accounts where it can run in a more global manner.

I did see that one, it really looks like some groups is targeting MACs - difficult to say what measures to take other than keep up-to=date with news stories etc - If its only tracking passwords and stuff its very small data, also it seems to be more MACs in the USA

Some time back as a Mac (as well as PC) user I advocated installing anti-virus software on Macs and got roundly and loudly told off by those that believe that Macs are charmed and cannot ever be infected by anything. So, I'm going to join you: ha ha ha ha ha!

CC

PS it's interesting that this malware uninstalls itself if it detects the presence of anti-virus software.

Anti-virus would remove a trojen during a scan. A decent one might even reconigze the trojans code and stop it being installed in the first place. Apples been advising antivirus being installed for years so that should say something about the situation.

It's just that on the apple discussion boards they say that the virus program wouldn't work here, and that it's not a recommended way to clean the system of this malware and you can't be sure it would be removed.

this is an older trojan anyway with a clean up method available, see the other thread for the newer trojan which has no fix it seems except re-install.

Maybe we will need to follow your advice about anti-virus software in the future, however the main thing seems to be to turn off Java in the preferences - of course not much good if it's already in. Lion comes with Java off as default, I just wish apple had warned us a bit louder to turn it off in the older systems as well.

I have decided not to install any anti virus software, even though my son's computer had the trojan. I have decided to just turn off Java and tell my son to be more careful with Adobe updates - you can always install upgrades by running Adobe itself if your not sure of the prompt. I think he most likely became a victim this way (Facebook etc. not really concentrating and installed the fake Adobe Flash upgrade) with the original variant. This was the smart one which erased itself if littlesnitch or (ahem) antivirus software was detected. This is the one which can be removed using Terminal as described, seems to work. As he didn't have any software to detect it I think he had it for awhile, but one of the symptoms he had noticed recently (last week or so) was Safari crashing strangely. Which is what is reported to happen, increasing instability leading to crashes. He's on Snow and I only mention this in case anyone else has seen Safari crash recently, you might be infected.

The new version is it seems both more sneeky and less sophisticated. It gets in via Java and can install without your knowing even if you don't stupidly type your password. However without Java and Flash neither variant could have got in! It installs whether or not you have little snitch (why I say less sophisticated) and that is how it was spotted, little snitch snitched on it.

The other thread has a link to the apple discussion where it was first picked up. If you go to the beginning it is quite interesting to see the apple community slowly wake up to the problem. I'm sure though there wouldn't even be a discussion on a PC site about a windows malware threat, no news there, how many thousand malware threats have been seen on PC's in the same time frame? It says a lot that one trojan for macs has caused so much discussion.

Still I guess if macs continue to grow in popularity there will inevitably be a time when we lose our peace of mind and have to install anti-virus. Not yet though, but watch this space!

Fortunately Hugh, there are still some of us left that set the bar for humour higher than floor level.If it wasn't for the fact you make an appearance in Apple threads quite so frequently to drop your rancid brain farts, then yes we could shrug it off as a bit of humour. If that is, it hadn't already worn thin months ago.I just don't see why or how you go from being more than respectable in every post around here, until it gets to an Apple post, where you'll suddenly morph into a bigoted prat.

More seriously, it's inevitable that as Apple's market share grows that their OS will be targeted more. Windows was/is a popular target because it was/remains the dominant OS. iOS and Android also look like prime targets now.

I wonder what computers people have that are internet facing, how important they are, and how well protected.

My DAW hasn't seen a network connection since it was installed 4 years ago. It ain't broke and I've no intention of letting it get 'fixed'.

My netbook (which I use for work) goes online just occasionally via a firewalled router (wireless is switched off) to check for updates otherwise it too is blind to the 'net.

My general purpose one (that I'm typing this on) still goes via a firewalled router but otherwise goes just about everywhere. However, I use an e-mail client that's configured to only display plain text, run nothing, and ask before saving anything. My browser is Firefox, and I have NoScript, AddBlock and Ghostery configured pretty aggressively. For all of that if somehow it was to crash and burn I wouldn't regard it as a major disaster.

~Paul wrote:If it wasn't for the fact you make an appearance in Apple threads quite so frequently....

I don't know if you've changed the medication recently, but your hallucinations are definitely getting worse, along with your manners. The mac forum is demonstrably one where I contribute least. As for the rest, personal abuse of the kind you have levelled so needlessly at me will not be tolerated. If my sense of humour has offended you I apologise without hesitation, of course.

Fortunately Hugh, there are still some of us left that set the bar for humour higher than floor level.If it wasn't for the fact you make an appearance in Apple threads quite so frequently to drop your rancid brain farts, then yes we could shrug it off as a bit of humour. If that is, it hadn't already worn thin months ago.I just don't see why or how you go from being more than respectable in every post around here, until it gets to an Apple post, where you'll suddenly morph into a bigoted prat.

Sorry

You forgot /coat so that we'd all know you were joking.

Seriously, despite whichever platform we use, I don't think people infected will find it in the least funny; and I'm not sure it serves Hugh well to be laughing - even in jest - at the misfortune of others.

Regardless of intent (and I'm sure it was a little joke, and not just schadenfreude), this is the internet. You know - the internet? If there is to be a standard, then the admins should uphold it. It's bad form for a forum which purports to help its users if they are perceived to be laughing at them instead.

fletcher wrote:I have decided not to install any anti virus software, even though my son's computer had the trojan.

Well, best of luck. You might be alright, long term. Personally I reckon the time to sort your protection out is before you get burned, not after - I speak from painful experience here. But you're grown up, you can make your own decisions.

Think I'll quit this discussion here. On top of everything else it has got quite unnecessarily acrimonious, but then it always does, doesn't it? Sad.

I don't think people infected will find it in the least funny; and I'm not sure it serves Hugh well to be laughing - even in jest - at the misfortune of others.

I take your point, dmac, and I do sympathise with those who have suffered this problem. I presume with only 20-odd posts to your name you are relatively new to these forums so perhaps you are unaware of the years of friendly (and sometimes gloating) comments on these forums about the mac freedom of virus and Trojan attacks. I was making a lighthearted dig amongst friends of like mind, and clearly flagged it as such. Appropriate advice on dealing with the problem had already been given.

... well I'm with Hugh - we've all been a little too smug for a little too long.

I pulled AV on my non-work macs, set a root password and log in as a standard user. I'm still happy with that decision. But obviously I'm now going to be a little more careful still...

Anyway, AFAIR OS X ships with some anti-malware routines and gets updated - on the quiet - with something like the Windows Malicious Software Remover. No comfort if you're a Virus/Trojan early adopter of course